Forum Discussion
Chris_Grant
May 24, 2016Employee
I would suggest taking a packet capture (tcpdump) on the BigIP filtered on the client's IP. This will allow you to see what is happening on the SSL handshake that might be causing a failure. Depending on the cause this is probably not something that can be fixed on the BigIP. I would suggest the following tcpdump string:
tcpdump -s0 -i 0.0:nnn -w /var/tmp/ssl.pcap host
where is the IP address of the system that is initiating the connection. Use ctrl-C to stop the capture. You will need to copy this off box to review in wireshark or another similar packet capture analysis tool. You are specifically interested in the Client and ServerHellos.